Академический Документы
Профессиональный Документы
Культура Документы
usage of local admin rights from workstations throughout the organization. However, as
some approved functionality requires elevated permissions, a new solution has been put in
place to manage those use-cases in order to allow continued productivity. We are currently
in the process of building rules/policies in to AppSense Application Manager (ASAM) to
seamlessly manage these functions without any intervention by the user (once they are in
the appropriate global group to allow that activity).
Researching, building, approving, and testing these policies will take more time than has
been allowed to retire LWAR from the environment, so as an interim solution, a general
policy has been created to allow users to self-elevate their privileges as needed. This
solution provides the necessary functionality and security protection being pursued by the
removal of LWAR as it requires manual intervention on behalf of the user, and also enables
auditing capabilities to monitor the usage.
If you have a requirement for elevated permissions, follow the process below:
1. In order for ASAM policies to provide functionality based on the policies that are
created AppSense Application Manager (8.7 or higher) must be installed. This has
already been distributed throughout the environment, but it is not yet a part of the
standard image so there may be some devices that do not have it yet. If an
installation is required, please contact your BSL.
Please keep your employee ID and machine name ready to provide to your BSL. And
please contact BSL through mail or communicator. If Appsense Application Manager
needs to install for more people collect all the employee IDs and machine names
respectively and send a mail to BSL asking to raise SR for them.
Once the SR is raised the RCO team will contact you to install ASAM.
And please make sure that your machine has no problem after installation.(Some
times your machine will be restarted automatically, then you should contact the RCO
team and correct it.)
Available Groups and click the button to move it in to the Selected Groups
box (Next)
9. Type a detailed description explaining how you use administrative privileges and
what its business justification is
I as developer need local admin access rights for my system to run Microsoft Visual Studio 2012 Premium with MSDN and to
create workspace under c:/.
10.Click Submit
Note: This is only a temporary solution. Eventually the needs of software that require
elevated permissions will be managed by policies that are built for ASAM, and
functionality will be provisioned by requesting specific global groups.
Once approved, all that is required to run something with administrative rights is to: